Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
File: PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft (raw, json)
Hash identifier: 1OGbg6V6UrBou7I/aroRVJ3kv5+cz3JPIWsEW3Tmbgs=
Subject key identifier: 1C:11:3C:7D:7E:39:57:D2:41:36:99:48:35:B2:EF:9C:69:E7:21:0C
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 019DCE62B71FAD03F51F65CF509B32E2CCED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
Manifest number: 12EA
Signing time: Mon 27 Apr 2026 10:01:09 +0000
Manifest this update: Mon 27 Apr 2026 10:01:09 +0000
Manifest next update: Tue 28 Apr 2026 10:01:09 +0000
Files and hashes: 1: 7XPR057HTONIllGtY9NijiuY-tk.roa (hash: rKfjiDRkcr3HFT8PmmA3P0sCBQ3drFmQ5QDnLKCb/BE=)
2: PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl (hash: SdvMKlwT1qebKvKsk7ALnEc+i600n/1y1f0c9OMB0wo=)
3: T4FApCxhFe83q9A7YZlC1nZYzIE.roa (hash: LjUt5usAgPWHNriSJWMg7OS8Oagi6w46/dUqLi/UEzA=)
4: Wn-ZLE8xGx2iUZq_8EgFIe3BY1M.roa (hash: SwGxPAdfidv7O5nNS+nKj4I72Qs5sJPeTh9qbwfsZWo=)
5: YuGYvjrFzLezHsgzIUZ0asWCqVk.roa (hash: aZLneGXD5YvsOe9tvMiGcrBxDYxxGmpY4vDCZwd72Z8=)
6: fLae4aR9HsO6ApeohQnbJHEsvgg.roa (hash: /b3Xi59hV2RbWadggK4I0wXvCWO8lTHkzV3V9hJ6K0Y=)
7: jccKxXf-KlBy0OODUdeGAP1Pln4.roa (hash: kXcgJH+D8EkeDblDPw+VtydCo7evj5I/OxvPnwmyUe8=)
8: r2cUyHBMaewNpNV3po9MOZwNcyU.roa (hash: SVkhtUySEPUVdVwXoSgDIclbqsQ0muf2pONZTDoO/YE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 10:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:62:b7:1f:ad:03:f5:1f:65:cf:50:9b:32:e2:cc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Apr 27 10:01:09 2026 GMT
Not After : Apr 28 10:01:09 2026 GMT
Subject: CN=1c113c7d7e3957d24136994835b2ef9c69e7210c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:59:21:db:db:9f:14:e4:28:f3:2b:bb:83:
d1:3f:5a:d5:ca:bd:b2:d6:d7:37:b8:43:2e:43:f1:
62:9f:9a:35:fa:e2:0d:55:aa:f8:5d:15:cd:13:9e:
58:27:72:61:66:3b:0f:be:c8:dd:0e:d7:35:5e:3a:
97:d0:ed:25:ea:17:89:5c:67:77:4c:d0:47:4e:f0:
7e:2b:85:93:57:9d:04:4e:a6:4b:14:09:c8:73:93:
da:fb:35:08:5d:28:c5:98:64:ce:60:7b:6a:5c:90:
75:d4:6e:51:4f:1a:49:23:41:cc:1c:98:1c:2f:c0:
e3:4c:1a:e7:07:31:36:ee:b7:8d:10:09:37:89:38:
8e:a1:4e:73:ad:70:ee:66:4d:b1:cd:1a:44:04:da:
91:55:62:6f:cb:48:a4:70:5d:75:25:e7:31:71:2b:
e9:3a:2d:c0:5b:3a:d2:6f:b8:e6:1f:5d:b4:2e:25:
34:a2:9a:3b:a4:43:ab:31:84:c0:cc:85:ec:49:40:
88:fd:6b:ff:52:9b:6a:8e:29:41:32:94:51:0d:46:
aa:6c:21:57:c3:72:2a:f3:3a:e1:9c:a6:76:b5:92:
e9:c5:82:d8:3e:3e:55:aa:0e:83:30:48:30:68:f5:
5e:d6:33:ad:44:62:56:9d:91:97:f5:b4:21:c2:2e:
b9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:11:3C:7D:7E:39:57:D2:41:36:99:48:35:B2:EF:9C:69:E7:21:0C
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:15:d2:57:81:29:ea:20:ea:bc:e9:73:66:59:91:78:aa:5a:
4d:eb:71:cd:ce:49:69:24:23:e8:9b:f0:4a:c4:f1:ad:9b:f9:
29:10:11:a9:30:5b:16:08:d0:38:69:e2:d1:03:d5:7d:5d:02:
51:2b:8b:4a:47:f4:81:d2:f0:85:41:5a:51:14:b3:c2:27:5e:
c8:82:53:a2:7a:41:27:bb:48:9e:17:43:f3:d8:34:b8:59:26:
c3:e2:7a:a6:bb:ff:21:96:f8:95:fe:ea:03:71:4f:49:d7:78:
f5:0c:93:2a:6d:f4:b2:05:f3:ae:86:2a:d4:6e:b1:2b:0c:2b:
fe:6f:67:f7:b2:9a:44:8e:3b:64:54:0a:22:3f:27:04:49:c8:
9d:96:ea:13:6d:d1:0a:e2:24:9f:8b:b8:b4:99:02:63:88:2c:
d7:c0:ba:88:1c:83:1b:7b:79:27:1b:7e:c8:dc:7c:2b:0b:0a:
6c:bc:e3:03:89:db:56:32:29:6c:17:c8:45:66:fb:09:96:41:
54:64:21:76:32:7f:d2:d4:a2:d9:9a:77:52:b7:84:07:b1:18:
48:34:04:4a:d4:2b:65:0d:1d:5c:02:7e:93:e1:b2:f8:80:ef:
9e:41:2f:57:b2:fc:45:8b:db:3b:5c:ae:dd:43:d0:92:bf:d1:
69:95:54:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OYrcfrQP1H2XPUJsy4sztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjYwNDI3MTAwMTA5WhcNMjYwNDI4MTAwMTA5WjAzMTEwLwYDVQQD
EygxYzExM2M3ZDdlMzk1N2QyNDEzNjk5NDgzNWIyZWY5YzY5ZTcyMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/5ZIdvbnxTkKPMru4PRP1rVyr2y
1tc3uEMuQ/Fin5o1+uINVar4XRXNE55YJ3JhZjsPvsjdDtc1XjqX0O0l6heJXGd3
TNBHTvB+K4WTV50ETqZLFAnIc5Pa+zUIXSjFmGTOYHtqXJB11G5RTxpJI0HMHJgc
L8DjTBrnBzE27reNEAk3iTiOoU5zrXDuZk2xzRpEBNqRVWJvy0ikcF11JecxcSvp
Oi3AWzrSb7jmH120LiU0opo7pEOrMYTAzIXsSUCI/Wv/UptqjilBMpRRDUaqbCFX
w3Iq8zrhnKZ2tZLpxYLYPj5Vqg6DMEgwaPVe1jOtRGJWnZGX9bQhwi65KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwRPH1+OVfSQTaZSDWy75xp5yEMMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxXSV4Ep
6iDqvOlzZlmReKpaTetxzc5JaSQj6JvwSsTxrZv5KRARqTBbFgjQOGni0QPVfV0C
USuLSkf0gdLwhUFaURSzwideyIJTonpBJ7tInhdD89g0uFkmw+J6prv/IZb4lf7q
A3FPSdd49QyTKm30sgXzroYq1G6xKwwr/m9n97KaRI47ZFQKIj8nBEnInZbqE23R
CuIkn4u4tJkCY4gs18C6iByDG3t5Jxt+yNx8KwsKbLzjA4nbVjIpbBfIRWb7CZZB
VGQhdjJ/0tSi2Zp3UreEB7EYSDQEStQrZQ0dXAJ+k+Gy+IDvnkEvV7L8RYvbO1yu
3UPQkr/RaZVUHA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:07:31 2026 by rpki-client